CVE-2019-25156

dstar2018 Agency search.php cross site scripting

CVSS 3.5 LOWEPSS 0.5%CWE-79

A vulnerability classified as problematic was found in dstar2018 Agency up to 61. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument QSType/QuickSearch leads to cross site scripting. The attack can be launched remotely. The patch is named 975b56953efabb434519d9feefcc53685fb8d0ab. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-244495.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Produtos afetados

dstar2018 · Agency

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/dstar2018/agency-code-repo/commit/975b56953efabb434519d9feefcc53685fb8d0ab https://vuldb.com/?ctiid.244495 https://vuldb.com/?id.244495